Yes, this is absolutely possible, and recommended! To accomplish this, you will need to configure the “protocol” as SSL and map it also to SSL on your servers (both probably on port 443). This ensures SSL is maintained between the client and your servers, while still allowing you to take advantage of our SSL acceleration, […]
There are a few steps involved to successfully export SSL certificates from Microsoft IIS. Essentially, it needs to be exported, run through openssl to separate the key from the cert and split into two files. The two files can then be loaded into the interface. If you already have a key and cert file because […]
The answer depends on what you are trying to accomplish. If you want to enable SSL Offload or SSL intercept so we can inject the source IP (client IP), then YES, you will need to use either the SSL or SSL_TCP protocol with port 443 AND upload and attach an SSL Certificate. If you do […]
If you’re attempting to create a certificate key-pair and have received the message shown below, there is usually one common remedy: The remedy is to run your key through OpenSSL using the RSA key processing tool to change it to the traditional SSLeay compatible format. And yes, to immediately answer our critics: we do support […]
Method: GET URI: /ALF/SSL/IntermediateCert/{certId} This method will retrieve a specific Intermediate Certificate
What is a PFX Certificate file? A PFX certificate file, also known as PKCS #12, is a combined file that contains the server certificate, intermediate certificate as well as the matching private key and is password protected. These files are typically used on Windows systems and if you already have a certificate and key on […]
Your plaintext internet traffic is subject to attack. You already knew this. And it probably won’t surprise you to learn that your encrypted internet traffic is also vulnerable. It’s an unfortunate situation. Carl Herberger, Radware’s VP for Security Solutions, says that the prospect of SSL-based attacks “makes a folly of our existing security infrastructure”. The […]
We permit uploading of SSL certificates which can be attached to the SSL protocol. This allows us to decrypt the SSL session in order to insert client-ip headers, or perform SSL offload. Unless you require either of these two features, you probably don’t need SSL and could use the SSL_PROXY protocol instead to simply pass […]
Method: DELETE URI: /ALF/SSL/CertificateKeyPair/{CertKeyPairId} This method deletes a Cert/Key pairing. A cert/key pair must not be bound to any Packs in order to successfully complete this operation.
Method: POST URI: /ALF/SSL/CertificateKeyPair This method creates a certificate and key pairing, which is required in order to attach it to a Pack. Field Required data Name A name for your cert/key pair. E.G. “example.com-2016” KeyId The Key ID […]